Last news
Consequences of the Shelling of Lviv – Kozytskyi Informed About New Details today, 09:21
Internally Displaced Persons have updated pension acquisition rules - what has changed today, 08:45
The route of drones and missiles last night - a map was shown online today, 08:42
Strike on Bukovina — due to the attack by the Russian Federation, there are casualties and injuries today, 08:23
Russia dealt over 500 strikes on Zaporizhzhia in a day - casualties reported today, 07:34
Russia struck Kharkiv 10 times - what is known about the consequences today, 06:38
The Absence of a Paper Military Document - Does the TCC Have the Right to Impose a Fine today, 06:30
Red Ribbon in 'Reserve+' - Will it Disappear After Paying the Fine today, 06:27
One-time Payments for Contract Soldiers 2025 — Amounts today, 05:49
Conscription in July - who can qualify for full exemption today, 04:30
The driver was arrested in Russia in connection with the 'Web' operation today, 03:32
SBU employee leaked state secrets — what the court decided today, 03:32
The Senate committee approved military aid to Ukraine, — Reuters today, 02:43
A Resident of Odesa Ignored the Call from the Military Registration Office Twice - How He Was Punished today, 01:33
Show more

Targeted cyberattacks on the defense sector recorded in Ukraine via a popular messenger.

19.03.2025 2520
Shostal Oleksandr
Journalist Shostal Oleksandr
19.03.2025 2520
Cyberattacks on the defense sector recorded
Cyberattacks on the defense sector recorded

The CERT-UA team has detected cyberattacks on employees of the defense industry and the Armed Forces of Ukraine.

In March 2025, messages containing reports were found in the Signal messenger. Some messages were sent from individuals with compromised accounts to increase trust.

Typically, these archives contain a .pdf file and an executable file named DarkTortilla. DarkTortilla is a crypter/loader used to launch the remote control program Dark Crystal RAT (DCRAT).

'It should be noted that this activity has been tracked under the identifier UAC-0200 since at least the summer of 2024. Meanwhile, starting in February 2025, the content of the bait messages relates to UAVs, electronic warfare means, etc. The use of popular messengers, both on mobile devices and computers, significantly expands the attack surface, including by creating uncontrolled (in terms of protection means) channels for information exchange,' - CERT-UA reported.

Read also
Read 112.ua in telegramtelegramm logo
Read 112.ua in googlegoogle logo
You may be interested
Consequences of the Shelling of Lviv – Kozytskyi Informed About New Details
Consequences of the Shelling of Lviv – Kozytskyi Informed About New Details
today, 09:21 214
Internally Displaced Persons have updated pension acquisition rules - what has changed
Internally Displaced Persons have updated pension acquisition rules - what has changed
today, 08:45 298
The route of drones and missiles last night - a map was shown online
The route of drones and missiles last night - a map was shown online
today, 08:42 291
Strike on Bukovina — due to the attack by the Russian Federation, there are casualties and injuries
Strike on Bukovina — due to the attack by the Russian Federation, there are casualties and injuries
today, 08:23 355
Russia dealt over 500 strikes on Zaporizhzhia in a day - casualties reported
Russia dealt over 500 strikes on Zaporizhzhia in a day - casualties reported
today, 07:34 376
Russia struck Kharkiv 10 times - what is known about the consequences
Russia struck Kharkiv 10 times - what is known about the consequences
today, 06:38 473

Advertising